{"id":3104,"date":"2018-02-20T16:42:10","date_gmt":"2018-02-20T23:42:10","guid":{"rendered":"https:\/\/zed.inguardians.com\/?p=3104"},"modified":"2019-08-19T13:40:19","modified_gmt":"2019-08-19T20:40:19","slug":"theft-of-newtek-domains-is-a-reminder-to-stay-vigilant","status":"publish","type":"post","link":"https:\/\/zed.inguardians.com\/brief\/theft-of-newtek-domains-is-a-reminder-to-stay-vigilant\/","title":{"rendered":"Theft of Newtek Domains Is A Reminder To Stay Vigilant"},"content":{"rendered":"
Issue<\/strong><\/p>\n Last week a web services company (Newtek) responsible for hosting over 100,000 e-commerce based websites and email servers had three of its core domains stolen. \u00a0These domains originally hosted software that allowed customers of these services to manage their websites.<\/p>\n The attackers then replaced the application that users would normally use to manage their websites with his own application in the form of a live chat service. \u00a0When users logged in, they believed themselves to be chatting with a helpful admin, when in fact they were communicating with the attacker.<\/p>\n Impact<\/strong><\/p>\n The full impact of this is still being determined. \u00a0However, corporate email for many of their customers became unavailable, business websites no longer resolved, and sensitive information was most likely communicated to the attacker.<\/p>\n Recommendations<\/strong><\/p>\n InGuardians recommends that all businesses consider domain hijacking as a potential event in their Business Continuity Plans (BCP). \u00a0It\u2019s important to stay vigilant in ensuring continued ownership of domains. It\u2019s also important to have plans to use secondary domains for web and email traffic in the event of having lost ownership of a domain.<\/p>\n InGuardians recommends building your own capabilities to gather counter-intelligence and to proactively monitor your organizations’ digital footprint.\u00a0 Consider scripts or services for monitoring DNS changes to the domains that you control.<\/p>\n <\/p>\n Wikipedia list these options as a means to prevent an unwanted domain transfer:<\/p>\n Additional Resources<\/strong><\/p>\n https:\/\/krebsonsecurity.com\/2018\/02\/domain-theft-strands-thousands-of-web-sites\/<\/a> \u00a0Theft of Newtek domains is a reminder to stay vigilant Issue Last week a web services company (Newtek) responsible for hosting over 100,000 e-commerce based websites and email servers had three of its core domains stolen. \u00a0These domains originally hosted software that allowed customers of these services to manage their websites. The attackers then replaced […]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[169],"tags":[117,135,106,83,104,130,129],"_links":{"self":[{"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/posts\/3104"}],"collection":[{"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/comments?post=3104"}],"version-history":[{"count":1,"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/posts\/3104\/revisions"}],"predecessor-version":[{"id":3105,"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/posts\/3104\/revisions\/3105"}],"wp:attachment":[{"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/media?parent=3104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/categories?post=3104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zed.inguardians.com\/wp-json\/wp\/v2\/tags?post=3104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
\nhttps:\/\/en.m.wikipedia.org\/wiki\/Domain_hijacking<\/a><\/strong><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"